VM::EC2::VPC::NetworkAcl(3)  User Contributed Perl Documentation  VM::EC2::VPC::NetworkAcl(3)

NAME

       VM::EC2::VPC::NetworkAcl - Virtual Private Cloud network ACL

SYNOPSIS

        use VM::EC2;

        my $ec2      = VM::EC2->new(...);
        my @acls     = $ec2->describe_network_acls(-network_acl_id=>'acl-12345678');
        foreach my $acl (@acls) {
            my $vpc_id  = $acl->vpcId;
            my $default = $acl->default;
            my @entries = $acl->entries;
            my @assoc   = $acl->associations;
            ...
        }

        my $acl      = $ec2->create_network_acl(...);

DESCRIPTION

       This object represents an Amazon EC2 VPC network ACL, and is returned
       by VM::EC2->describe_network_acls() and ->create_network_acl().

METHODS

       These object methods are supported:

        networkAclId   -- The network ACL's ID.
        vpcId          -- The ID of the VPC the network ACL is in.
        default        -- Whether this is the default network ACL in the VPC.
        entrySet       -- A list of entries (rules) in the network ACL.
        associationSet -- A list of associations between the network ACL and
                          one or more subnets.
        tagSet         -- Tags assigned to the resource.
        associations   -- Alias for associationSet.
        entries        -- Alias for entrySet.

       The object also supports the tags() method described in
       VM::EC2::Generic.

CONVENIENCE METHODS

   $success = $acl->create_entry(%args)
   $success = $acl->create_entry($acl_entry)
       Creates an entry (i.e., rule) in a network ACL with the rule number you
       specify. Each network ACL has a set of numbered ingress rules and a
       separate set of numbered egress rules. When determining whether a
       packet should be allowed in or out of a subnet associated with the ACL,
       Amazon VPC processes the entries in the ACL according to the rule
       numbers, in ascending order.

       Arguments:

        -rule_number          -- Rule number to assign to the entry (e.g., 100).
                                 ACL entries are processed in ascending order by
                                 rule number.  Positive integer from 1 to 32766.
                                 (Required)
        -protocol             -- The IP protocol the rule applies to. You can use
                                 -1 to mean all protocols.  See
                                 http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml
                                 for a list of protocol numbers. (Required)
        -rule_action          -- Indicates whether to allow or deny traffic that
                                 matches the rule.  allow | deny (Required)
        -egress               -- Indicates whether this rule applies to egress
                                 traffic from the subnet (true) or ingress traffic
                                 to the subnet (false).  Default is false.
        -cidr_block           -- The CIDR range to allow or deny, in CIDR notation
                                 (e.g., 172.16.0.0/24). (Required)
        -icmp_code            -- For the ICMP protocol, the ICMP code. You can use
                                 -1 to specify all ICMP codes for the given ICMP
                                 type.  Required if specifying 1 (ICMP) for the
                                 protocol.
        -icmp_type            -- For the ICMP protocol, the ICMP type. You can use
                                 -1 to specify all ICMP types.  Required if
                                 specifying 1 (ICMP) for the protocol.
        -port_from            -- The first port in the range.  Required if specifying
                                 6 (TCP) or 17 (UDP) for the protocol.
        -port_to              -- The last port in the range.  Required if specifying
                                 6 (TCP) or 17 (UDP) for the protocol.

       Alternatively, you can pass an existing ACL entry object
       (VM::EC2::VPC::NetworkAcl::Entry) as the only argument, for ease in
       copying entries from one ACL to another.

       Returns true on successful creation.
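
       The ascending-order processing described above, as an added
       illustration (not code from VM::EC2) that runs offline on constructed
       ingress entries keyed like the create_entry() arguments. It assumes the
       AWS behaviour that the first matching entry decides and that unmatched
       traffic is denied; ip2int, in_cidr, matches and evaluate are
       hypothetical helper names.

```perl
use strict;
use warnings;

# Constructed ingress entries, keyed like the create_entry() arguments.
my @entries = (
    { rule_number => 200, protocol => 6, rule_action => 'deny',
      cidr_block => '172.16.0.0/24', port_from => 22, port_to => 22 },
    { rule_number => 100, protocol => 6, rule_action => 'allow',
      cidr_block => '172.16.0.0/16', port_from => 0, port_to => 1023 },
    { rule_number => 300, protocol => -1, rule_action => 'allow', cidr_block => '10.0.0.0/8' },
);

# Convert a dotted quad to a 32-bit integer.
sub ip2int { return unpack 'N', pack 'C4', split /\./, shift }

# True if $ip falls inside $cidr (IPv4 only).
sub in_cidr {
    my ($ip, $cidr) = @_;
    my ($net, $len) = split m{/}, $cidr;
    my $mask = $len ? (0xFFFFFFFF << (32 - $len)) & 0xFFFFFFFF : 0;
    return ((ip2int($ip) & $mask) == (ip2int($net) & $mask));
}

# Ingress entries are matched on source address, protocol and destination port.
sub matches {
    my ($e, $pkt) = @_;
    return 0 unless in_cidr($pkt->{src}, $e->{cidr_block});
    return 1 if $e->{protocol} == -1;                 # -1 means all protocols
    return 0 unless $e->{protocol} == $pkt->{protocol};
    return 1 unless defined $e->{port_from};
    return ($pkt->{port} >= $e->{port_from} && $pkt->{port} <= $e->{port_to});
}

# Walk entries in ascending rule number; the first match decides.
sub evaluate {
    my ($pkt, @rules) = @_;
    for my $e (sort { $a->{rule_number} <=> $b->{rule_number} } @rules) {
        return ($e->{rule_action}, $e->{rule_number}) if matches($e, $pkt);
    }
    return ('deny', '*');    # nothing matched: traffic is not allowed
}

# Constructed packets: the first hits allow 100 before deny 200 is ever reached.
for my $pkt ({ src => '172.16.0.9', protocol => 6,  port => 22 },
             { src => '10.1.2.3',   protocol => 17, port => 53 },
             { src => '192.0.2.7',  protocol => 6,  port => 443 }) {
    my ($action, $rule) = evaluate($pkt, @entries);
    printf "%-11s proto %2d port %3d -> %s (rule %s)\n",
        @{$pkt}{qw(src protocol port)}, $action, $rule;
}
```

       A deny meant to carve an exception out of a broader allow needs a
       lower rule number than that allow; otherwise it is never evaluated.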

   $success = $acl->delete_entry(%args)
   $success = $acl->delete_entry($acl_entry)
       Deletes an ingress or egress entry (i.e., rule) from a network ACL.

       Arguments:

        -network_acl_id       -- ID of the ACL from which the entry will be deleted

        -rule_number          -- Rule number of the entry (e.g., 100).

       Optional arguments:

        -egress    -- Whether the rule to delete is an egress rule (true) or ingress
                      rule (false).  Default is false.

       Alternatively, you can pass an existing ACL entry object
       (VM::EC2::VPC::NetworkAcl::Entry) as the only argument to ease deletion
       of entries.

       Returns true on successful deletion.

   $success = $acl->replace_entry(%args)
   $success = $acl->replace_entry($acl_entry)
       Replaces an entry (i.e., rule) in a network ACL.

       Arguments:

        -network_acl_id       -- ID of the ACL in which the entry will be replaced
                                 (Required)
        -rule_number          -- Rule number of the entry to replace. (Required)
        -protocol             -- The IP protocol the rule applies to. You can use
                                 -1 to mean all protocols.  See
                                 http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml
                                 for a list of protocol numbers. (Required)
        -rule_action          -- Indicates whether to allow or deny traffic that
                                 matches the rule.  allow | deny (Required)
        -egress               -- Indicates whether this rule applies to egress
                                 traffic from the subnet (true) or ingress traffic
                                 to the subnet (false).  Default is false.
        -cidr_block           -- The CIDR range to allow or deny, in CIDR notation
                                 (e.g., 172.16.0.0/24). (Required)
        -icmp_code            -- For the ICMP protocol, the ICMP code. You can use
                                 -1 to specify all ICMP codes for the given ICMP
                                 type.  Required if specifying 1 (ICMP) for the
                                 protocol.
        -icmp_type            -- For the ICMP protocol, the ICMP type. You can use
                                 -1 to specify all ICMP types.  Required if
                                 specifying 1 (ICMP) for the protocol.
        -port_from            -- The first port in the range.  Required if specifying
                                 6 (TCP) or 17 (UDP) for the protocol.
        -port_to              -- The last port in the range.  Only required if
                                 specifying 6 (TCP) or 17 (UDP) for the protocol and
                                 the last port differs from -port_from.

       Alternatively, you can pass an existing ACL entry object
       (VM::EC2::VPC::NetworkAcl::Entry) as the only argument, for ease in
       replacing entries from one ACL to another.  The rule number in the
       passed entry object must already exist in the ACL.

       Returns true on successful replacement.

   $association_id = $acl->associate($subnet_id)
       Associates the ACL with a subnet in the same VPC.  Replaces whatever
       ACL the subnet was associated with previously.

   $association_id = $acl->disassociate($subnet_id)
       Disassociates the ACL from a subnet in the same VPC.  The subnet will
       then be associated with the default ACL.

STRING OVERLOADING

       When used in a string context, this object will interpolate the
       networkAclId.

SEE ALSO

       VM::EC2 VM::EC2::Generic VM::EC2::Tag VM::EC2::VPC
       VM::EC2::VPC::NetworkAcl::Entry VM::EC2::VPC::NetworkAcl::Association

AUTHOR

       Lance Kinley <lkinley@loyaltymethods.com>.

       Copyright (c) 2012 Loyalty Methods, Inc.

       This package and its accompanying libraries is free software; you can
       redistribute it and/or modify it under the terms of the GPL (either
       version 1, or at your option, any later version) or the Artistic
       License 2.0.  Refer to LICENSE for the full license text. In addition,
       please see DISCLAIMER.txt for disclaimers of warranty.

perl v5.34.0                      2022-01-21       VM::EC2::VPC::NetworkAcl(3)